RaspberryPi Server (Part 1): Headless log in OS X

Getting all carried away with headless RaspberryPi login

TL;DR The Raspbian Raspberry Pi optimized Debian Linux image runs the ssh server by default at boot up. Hook up the Raspberry Pi to the router with a network cable, boot into a Raspbian image, find the RPi on the network and ssh into it from a terminal emulator using default user name (pi) and default password (raspberry).

Getting it all done using OS X:

• Download Raspbian
• Download the RPi-sd card builder utility an app which will walk you through the process of installing to SD card. Note: This is a closed source app which requires your root password.
• Flash Raspbian onto a suitable SD card and slot in RPi.
• Connect up power supply and network cable to RPi.
• Confirm boot and network LED activity on RPi.
• Find RPi on network address xx.xx.xx.xx using nmap or fing.
• Pop up a terminal window and log in through secure shell:

ssh pi@xx.xx.xx.xx
password: raspberry

Hey Presto! Remotely logged on:

Linux raspberrypi 3.12.28+ #709 PREEMPT Mon Sep 8 15:28:00 BST 2014 armv6l

The programs included with the Debian GNU/Linux system are free software;

the exact distribution terms for each program are described in the

individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent

permitted by applicable law.

Last login: Sat Nov 22 15:13:24 2014 from 10.0.1.10

NOTICE: the software on this Raspberry Pi has not been fully configured. Please run 'sudo raspi-config'

pi@raspberrypi ~ $ 

Update the RPi Raspbian system and perform set up tasks.

This is easy, instruct the apt-get command line tool to do this for you:

sudo apt-get update && sudo apt-get upgrade

Then go away and have a cup of tea as this will take some time...

When you get back with your cup of tea you should be able to sudo into raspi-config tool and do some basic housekeeping appropriate for a RPi server:

• Change User Password
• Expand Filesystem
• Advanced Options
       |
      Memory Split (16K for a server)
• Advanced Options
       |
      Hostname (Something more appropriate)
• Set timezone (in internationalisation options).

Current default time zone: 'Europe/London'

Local time is now:      Sat Nov 22 15:37:56 GMT 2014.

Universal Time is now:  Sat Nov 22 15:37:56 UTC 2014.

pi@servemepi ~ $ 

Fix a static network IP address for the RPi
(adapted from www.suntimebox.com/raspberry-pi-tutorial-course/week-3/day-5/)

Hunting for your RPi on the local network every time that you wish to login and administer your tidgy server is an unnecessary sequence of faffing about, just give it a fixed IP address as its home.

Login and enter the following command:

cat /etc/network/interfaces

 You will find the line below referring to the eth0 interface and that it should use DHCP.

iface eth0 inet dhcp

To change this line to a static IP address, enter the following command to retrieve your existing IP address and network information:

sudo ifconfig

Make a note of your current IP address, the broadcast IP and the Mask.  This is the output from my system for example:

inet addr:10.0.1.21  Bcast:10.0.1.255  Mask:255.255.255.0

One last thing that is required is the gateway address.  This is in most cases your routers internal IP address. Enter the following to find out for sure:

sudo route -nee

Make a note of Gateway address. e.g.

Gateway: 10.0.1.1

Next you need to edit the system's interfaces file to set this static information.  Enter the following command:

sudo nano /etc/network/interfaces

Modify the line that reads

iface eth0 inet dhcp

To notify the system of a static address:

iface eth0 inet static

And add immediately below it add a suitable fixed ip address for the RPi and your freshly harvested mask, network, broadcast & gateway:

address 10.0.1.200
netmask 255.255.255.0
network 10.0.1.0
broadcast 10.0.1.255
gateway 10.0.1.1

Save the file by pressing CTRL-O and exit to the command line with CTRL-X.

Now when the RPi reads this file when booting up, it will look at the interface eth0 and set it to the static IP address.  It will set the IP address to 0.0.1.200, every time, the network to 10.0.1.0 and the broadcast address and the gateway address so that it can find its way out of the network.

Reboot the Raspberry Pi to read in the new settings with the following command:

sudo reboot

Test the new fixed IP address from the OS X bash shell, for example:

ping -c5 10.0.1.200

With results on my system:

PING 10.0.1.200 (10.0.1.200): 56 data bytes64 bytes from 10.0.1.200: icmp_seq=0 ttl=64 time=3.824 ms64 bytes from 10.0.1.200: icmp_seq=1 ttl=64 time=2.850 ms64 bytes from 10.0.1.200: icmp_seq=2 ttl=64 time=2.841 ms64 bytes from 10.0.1.200: icmp_seq=3 ttl=64 time=2.862 ms64 bytes from 10.0.1.200: icmp_seq=4 ttl=64 time=4.134 ms 

Log back into the RPi using the secure shell, e.g. on my system:

ssh pi@10.0.1.200

One last thing that needs to be modified is the /etc/resolv.conf file.  This file contains information of DNS name resolvers that allow the RPi to resolve names to IP addresses.  For example, if you ping -c5 www.google.co.uk the RPi will have to determine the resolve the name into the actual IP address of www.google.co.uk.

Fire up the nano file editor again to edit the resolv.conf file:

sudo nano /etc/resolv.conf

Enter the follow Google public DNS server IP addresses:

nameserver 8.8.8.8nameserver 8.8.4.4

CTRL-O to save and CTRL-X to exit nano, as before and repeat the ping test ping -c5 www.google.co.uk to see improved name resolving times.

Okay so remote login to static ip addressable RPi that has been updated, initially secured, named, time-zoned and minimum memory for screen achieved!

!!!WARNING YOUR RPi IS VULNERABLE!!!

However, if this RPi is going to stand half a chance out there on the WWW then it's going to need a bit more work securing done to it to protect from those who would do harm!

See part 2...

photo credit: Dan Zen via photopin cc